Paper 2021/1483

A Practical Forward-Secure DualRing

Nan Li, Yingjiu Li, Atsuko Miyaji, Yangguang Tian, and Tsz Hon Yuen


Ring signature allows a signer to generate a signature on behalf of a set of public keys, while a verifier can verify the signature without identifying who the actual signer is. In Crypto 2021, Yuen et al. proposed a new type of ring signature scheme called DualRing. However, it lacks forward security. The security of DualRing cannot be guaranteed if the signer's secret key is compromised. In this work, we introduce forward-secure DualRing. The singer can periodically update his secret key using our proposed ``split-and-combine" method to mitigate the security risks caused by the leakage of secret keys. We present a practical scheme based on the discrete logarithm assumption. We show a detailed evaluation to validate its practicality.

Available format(s)
Public-key cryptography
Publication info
Preprint. MINOR revision.
DualRingForward SecurityPractical Scheme
Contact author(s)
sunshine tian86 @ gmail com
2021-11-08: received
Short URL
Creative Commons Attribution


      author = {Nan Li and Yingjiu Li and Atsuko Miyaji and Yangguang Tian and Tsz Hon Yuen},
      title = {A Practical Forward-Secure DualRing},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1483},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.